Anything Else

One of the first thing one sets up when starting a software startup is a version control system, and when we started Vakow! we decided to use SVN because we gained lots of experience with SVN in previous work environment, is free, and more importantly, the cheapest dreamhost account allowed us to run SVN central repository without any problems. Other reasons to use it could be TortoiseSVN for windows user. SVN just works, and central repository and work flow is quite easy to fit in ones mind, there is a repository, you checkout, you work, you see what you have changed so far, you commit, and you update changes done by others. There are tags and branches, but they are nothing for folders for SVN. The weak portion of SVN is merge, basic merge offered by SVN is doable if you keep track of merge revisions numbers in revision logs, this, tho tedious is usually manageable. I was pretty happy with the setup, bugzilla integration worked just fine, tho I am yet to publish my SVN-Bugzilla integration script that works on Dreamhost thanks to endless procrastination. Soon I will. Promise. :-)

Another reason to use SVN for Vakow! when we started was that well, Git wasn't there then.

So what is the problem with SVN. Like I said above, SVN does not help you almost at all in merging. There is no native concept of merge in SVN. SVN is linear history of one big folder, which is organised in trunk and branches, and there is no native support for trunk and branches/tags either in SVN(1.4). These were all cool decisions taken by SVN developers that made it so easy to grasp by developers and its simplicity means robust implementation [without letting the Gods(=Linus et al) come into picture], which all lead to wide spread adoption. But I digress.

Because of lack of merge capability, working with branches is difficult. The work flow for branches is, you have some feature that will take some time to develop, and you do not want to let your customers know prematurely know about the new feature or may be the new feature will destabilize the main code for some time before its stable, you branch off. In SVN you create a copy of your trunk in a new folder, by convention it resides under a folder called "branches". You work on trunk, mostly bug fixes and minor features, on your main stable code, and you work in parallel on the new feature branch. SVN is excellent in letting you do this. But after the work is done, you ultimately have combine the changes you have done in trunk and in the feature branch and move it to trunk. This is what SVN is not good at. SVN does not know about branch, its a folder, so it cant merge, but what it can do is, take the diff of two versions for any folder, and give you a patch file, and then you can apply this patch file to some code and get a merge.

This is how it works: lets say you branched out the feature branch on revision 100, and have been developing trunk and branch till revision 200, when you realize you want to create a build to give it to testers, and you have to make sure changes from rev 100 to 200 on trunk also gets into the branch. So you create a diff from revision 100 to 200 on trunk, and apply it to branch. But merging is not trivial, you may have made changes to same files and same lines that other developers did in trunk while working on feature branch. You have to resolve it manually and its a laborious process. But what happens if testers say no go, and find 10 more bugs for you to fix. You could either revert the changes from trunk, to keep things clean, so that when you are on rev 300 lets say, you can again get the changes on trunk from rev 100 to 300 and apply the patch on branch. Or you can let the changes after merge at rev 200 stay, and keep working separately on trunk and branch. So in future when you have to merge the changes from trunk again, you have to remember your decision. So you must keep it logged in SVN commit logs or somewhere. Biggest issue is that in SVN when you merge, you lose history, you lose exactly how the file changed over time, and the person who merged would be logged as the person who made all the changes. Terrible thing in my opinion.

What happens if more than one branch is involved and merges are brought back and forth between them? The method of merging I described above becomes too difficult to keep track of, remember in real like the revision numbers are not as rounded as 100 and 200 as I used above. This leads to lots of  uncertainty, and programmers hate uncertainty. This all leads to programmers general reluctance to use branches, to consider branches as necessary evil, and a constant effort to keep the number of branches at minimum, with a clear head of the branch defined who is responsible for merging and making sure nobody else is applying the merges and messing with the revision numbers. A small mistake, lets say you merged from revision 1946:2045 instead of 1945:2045 may lead to important bug fix getting lost in the process of merging. Headaches.

I managed with this at Vakow! almost never worked on any branch for any significant time, and given that we were just two people, of which only one can be considered a real programmer, it was not really a big issue. And after all till before Git/Mercurial started to become fashionable about 6-8 months ago [or this is when I started to learn about them], this was the state of art of version control for me.

So how does Git help? Well the first difference between SVN and Git is that Git is distributed where as SVN is centralized. What does it mean, and how does it make merge easier? I am not sure I am absolutely correct about it, but this is what I understand so far. This will make most sense for SVN veterans only, in Git there is no central repository, every "checkout" is "complete", it not only contains the latest code, as checked out code in SVN does, but it also gets complete revision history and all tags and branches. This might sound astounding, what if you had 1000s of checkins and tens of branches, how much space will it all take, but the Gods did step into it when Git came into existence so they solved this issue, and a typical Git clone with all its glory, compares well with SVN checkout when it comes to disk space, and even network transfer rate. These are the things I don't usually bother much as long as they are manageable, so don't tell me if one of them is some percent faster or smaller for some operation or another than other. Since the repository is with you in Git lots of things become fast, checking log is blazing fast for oldest commits, and so is creating branches and doing commits. But this is not why Git or other distributed version control systems shine. I digress again.

Because you have the whole revision history for each branch and trunk, you can do something cool when merging. In git, branch is not branch of a folder as is the case in SVN, its a branch of a commit, Git remember this, where the commit came from, which branch, and what revision. Lets take our original example: branch on 100, merge on 200. Of course Git does not use the numbers like this as its distributed and if it auto incremented both you and me can check in and get version no 101, and then when merging this number will serve no purpose, so Git relies on cryptographic hashing based on commit changes and author info to get revision ids. Anyways, lets say those ids were 100 and 200 and when we are merging the branch=feature[trunk*100] (git keeps track of origin of a branch). This is what git does to merge: it goes back to revision 100, when both trunk and branch and the same content. Then it starts applying changes in the order the happened, lets say first change happened on trunk, so it applies, then the next change on branch, it merges, and so forth. This is possible because the entire change history is available to git. In case there were no conflicts, by the end of it you all changes on trunk applied on branch and git commits by default. This will make the branch now become feature[trunk*200] because now its effectively a branch of revision 200 of trunk. You did not have to remember the revision numbers. Branch based coding heaven!. What happens if 30th commit lead to a conflict? I am not sure about it, if I was designing Git probably I will just ignore that commit and go on, and so on for each conflict causing commit, and at the end of it, I will apply all conflicting commits on top, I am just speculating, conflicts will still cause problem, but because changes are being applied in sequence in which they happened, it reduces the conflicts that happen when the SVN style on big patch is applied to a branch that is really far into the future. Incremental merging will be less error prone then such bulk merging. I just realized I was wrong, Git does something even better(I am glad I did not design it :-), it stops at the first conflict and lets you manually resolve it before proceeding.Now by the end of it, you will have all changes merged cleanly, at any time you will be only trying to resolve one conflict, where as in SVN style bulk merge you would have to resolve conflicts due to more than one conflicting changes at once.

Enough of theory. But still does not solve the problem for Vakow!, we still have others who do not understand Git, who like the simplicity of SVN or are just used to it and considered learning one revision control system enough for their lifetime, and because I have not yet time to rewrite and deploy my SVN bugzilla integration scripts, or get someone else's. And because I am not sure if it will just work with dreamhost, and because of lack of TortoiseSVN, etc, I am still not ready to switch to SVN on server. Next month may be, not yet. And this is from a sysadmin and CTO who is completely convinced that the switch will be beneficial in long run! There are other poor souls who are stuck with SVN, because either their startup/company is still using SVN and going to for sometime, or if they favorite open source system is stuck with SVN because of either code.google.com/sf.net only supporting SVN or because the of the excellent SVN-Trac integration that so many open source softwares are so fond of. Or for other reasons like they want to switch but could not decide between Git, Mercurial and Bazaar and few other, I would advise just move to Git, but then. For one reason or another, people are going to be stuck with SVN for sometime, and for them there is Git-SVN.

Git SVN is a cool two way bridge between Git and SVN. To be used when you love Git but your company/upstream team is stuck with SVN. I learnt about it from this blog post, I am writing my comments with using it for about a month of full time Git SVN usage.

First thing is getting SVN history into local Git:

git svn clone https://svn.foo.com/svn/proj --trunk=trunk --branches=branches --tags=tags

One of the peculiarities about my SVN repository was that I did not have trunk when I begun coding. I just got the startup idea and was in 80th revision by the time I realized I have not followed the usual design, and then I restructured my SVN into trunk, branched, tags usual hierarchy. This led to some problems. Initially when I tried that command, I skipped the parameters as man page told me that those were the default values anyways. Obviously enough I got some error and then remembered my SVN history. Then panicked a little bit. I tried checking out just the trunk portion but that failed too, as trunk was not there in the beginning, so on a last resort without hope I tried the full command, supplying the default values for --trunk etc. And git went on work. It skipped the first 80 or so commits, but I was happy as it got the rest 2000 of them. It kept on stopping because of network issues, my network was flaky, but was robust enough that simply restarting the process continued from where it stopped. I was already becoming a fan for its robustness. :-)

The first thing I did after this was to move into the directory and run gitk. This is a GUI log browser and was quite delighted to see all the revisions since more than a year back, with search and color code diff, way better than my old solution of using ViewSVN based website for browsing history, which was terribly slow, or TortoiseSVN's log feature which again was terribly slow, and no provision to search of highlight author etc. This alone was my justification for keeping git clone of my SVN fresh for quite some time, just to see the logs.

One of the reasons I picked Git over Mercurial was the concept of index in Git. On more than one occasions I committed more than I intended when using SVN, and Mercurial was going to be the same in this regard, but not Git. In SVN and all other decent version control systems, a file has to be manually added before SVN starts keeping track of it. The problem is many times during debugging I would change more than what is minimally needed to fix the issue and will have to be really careful on only picking the files I intend to commit. This is where TortoiseSVN shines, it made this process very robust, at least if you follow the best practices. On command line, this lead to errors. So was quite interested in Git in which after every change you have to add the file again, as Git does not track files, it tracks content, and commits only the content that was there when you added the file using "git add".

Anyways, if you prefer, you can get a behavior of commit very similar to SVN, but I like the Git default.

First things first. By the end of "git svn clone" this is what would happen: you will get a folder named on your project derived from svn path. This folder will contain the latest trunk.

Note: git repositories are not cluttered with .svn like folders all over, there is only one .git folder in top level folder which contains all git related data.

Now the work begins.

Lets say you made some changes in trunk. You can view the changes by "git diff". If you jump ahead and add a file that you have decided to commit by calling "git add filename", "git diff" will stop showing the changes in that file, or more strictly changes in that file till the moment you added it. The changes have gone into "index". To see the changes in the index you have to run "git diff --cached".

You can always see the status of files you have modified or added to index for checkin by running "git status".

Next thing we are going to do is committing. As you have seen already, just changing is not enough, you have to add the files again before you can commit anything. You commit by running "git commit" obviously enough, but if you are a command line warrior, you will miss/hate the fact that git does not think "git ci" is the same as "git commit" as does SVN. But if you are on a decent shell and operating system, the excellent tab completion won't let you miss it all that much. Anyways. And yes, if you are coming from SVN, don't be surprised by the speed of git commit, its nearly instantaneous because its committing to your local branch. You fellow developers using SVN will not notice it yet. But you can go on committing while net is not available.

If you do not like the process of adding a file before committing, and prefer the SVN way, you can do "git commit -a" which will detect changes in all files that are being kept track of.

No point committing if nobody can see. To push your changes upstream, in real SVN repository, you have to run "git svn dcommit". This will commit all your changes on the current branch that has not been committed to SVN yet.

A note about SVN precommit hooks: Some places have pre commit SVN hooks that do not let a commit go unless the log message mention the bug number or include copyright notice on the top or confirm with code formatting practice etc, in those cases the previous step may cause problem if you did not confirm to those rules while committing. The obvious answer is to be careful, but that is not always enough. If possible you should learn about git commit hooks and create them conforming to your SVN repositories commit hooks to ensure that errors do not take place. Though this will mean checking if bug exist before each git commit happens, and slowing down the whole blazing git commit experience but then this is how it is, if you want everything, you have to be really smart to avoid those pesky hooks altogether, but then if you don't use tools and you look like us, most probably you are a chimp. For the matter of this howto just understand that its trivial to undo your commits and redo them if you want with Git to fix some old commit you might have done, but spare yourself the trouble, write git hooks, and get the tools working for you [if you have upstream SVN pre commit hooks. Which BTW you should.].

The above step, "git svn dcommit" will also update your code with SVN changes done by others. But it will only happen if you have some changes to commit, and probably only changes that are required to merge that change will be brought in. So to robustly sync your trunk or branch with that in SVN repository, you should execute "git svn rebase" from the branch time to time.

Q: What is the equivalent of "svn revert file"? A: "git checkout file".
Q: What is the equivalent of "svn copy"? A: None. Git will detect copy, just copy it and git add it before committing.

The wonder of Git Stash:

One of the coolest thing I find in git is the "git stash" command. This takes all your uncommitted changes, and puts them in a hidden location, and reverts to the previous checked in pristine state. Many operations, like "git svn dcommit", "git svn rebase" etc require that you have all the changes checked in and no un-committed changes lying around. You may have precious changes, like local settings files, etc that you don't want to checkin but you don't want to lose them either. So you stash them before those operations. Think of stash as a named patch managed by git for you. You can apply the latest changes that you stashed by running "git stash apply". Your typical work flow could be:
• hack hack
• git add
• git commit
• git stash
• git svn dcommit
• git stash apply
• go to hack hack

Remember every time you run "git stash" a new patch will be created and stored for you, so you may want to run "git stash clear" from time to time to get rid of old stash copies. To list the stashes stored, run "git stash list". The name of each stash is pretty arcane, something like stash@{0}, and you have to type it full to refer to a stored stash by name. If you are working with branches, you may have many stashes that you want to keep around containing changes meaningful to you, so you can give them meaningful description by using the command "git stash save 'my description'" instead of "git stash", and to apply one of the stashes not on top of the list, run: "git stash apply stash@{2}" or so after getting the proper name from "git stash list". Remember the stash/patch is applied to current branch.

Working with branches:

Now the true wonder of Git. It confused me initially quite some, so hopefully this writeup will help a git newbie.

Some basics: branches in Git are of two types, local and remote. You can not work on remote branches directly, only by branching them locally can you commit any changes. So the SVN trunk and other branches and tags for that matter are visible to Git as remote branches, and "git svn clone", the first step in this howto, has created a local branch from trunk called master and checked it out for you.

To be on top of branches, get into the habit of running "git branch". This shows all local branches and indicates the current one. If you have followed this writeup, you should have a local git branch called master, and "git branch" will output just "* master". * meaning master is the currently checked out branch, and you can see its content in the current directory. "git branch -a" or "git branch -a --color" will show you all the branches, local and remote.

If you want to explore any SVN branch or tag, which is remote branch in Git's world, you can check them out:

"git checkout b_web20"

This command will bring the content of the current directory in the state that is there on the HEAD of b_web20 SVN branch. You can look but you can not commit. If you do a "git branch" now, it will show "* (no branch)" as you are viewing a remote branch.

To start work on any of the branches or trunk, you have to create a local branch first, and that is done using "git checkout -b local_branch_name remote_branch_name", so you can say "git checkout -b web20 b_web20" and it will create a branch for you and select is so that the content of current folder will reflect that branch. Now if you do "git branch", it will show "* web20", and also "master" since it was created by git svn clone and is still around, a copy of trunk.

Note: There is one more idiosyncrasy that you will have to learn, sometimes someone will create a new branch in SVN, and you will want to work on it, but you won't find it when you do "git branch -a", and neither "git svn rebase" not "git svn dcommit" will help. You will have to execture "git svn fetch" to get the new branch. Why? Beats me. [I guess rebase only rebases the current branch, and dcommit only syncs new commits on the current branch, because both are working with current branch, they don't this care about other new branches. Programmers may be smart but they are seldom nice. ]

So you have created lots of local branches reflecting the remote SVN branches. You can make changes and commit, and "svn dcommit" will push the commits in appropriate remote branch for you, commits in master <= trunk will go to trunk and in web20 <= b_web20 will go to b_web20.

Now comes the question of merging. First use case is: you are working on branch web20, which is local for remote b_web20, but changes have happened in trunk that you want to merge to web20. You have to run "git merge master" which you have branch web20 checked out. More strictly I am assuming b_web20 was created from trunk. It will merge the changes and commit them for you to your local branch web20. You can run "git merge --no-commit master" to avoid commit.

Note: "git commit --amend" can anytime be used to amend the change log for the previous commit. This often is useful for me to tailor the commit log when I accidentally "git merge" without "--no-commit" flag.

The second scenario is: you are satisfied with the branch and you want to merge it with trunk. You can do so by "git pull . web20" while you have checked out branch master, which was created from trunk. Be careful if you do a "git merge web20" instead, the master local branch will get associated with remote b_web20, and nothing will be merged. If it happens you can get another copy of trunk by doing "git checkout -b master2 trunk" and run the proper "git pull" in it. This too will commit the change, and you may want to amend the commit log. Also remember either of these merges will merge and commit in your local git repository only, you will have to run "git svn dcommit" to push these changes to SVN repository.

An unused branch can be deleted by running "git branch -d branchname". Note this will not delete the branch unless all local commits to it has been pulled or merged into some other branch. 

PS: Vakow! is hiring, so if you want to work with a really cool startup in Mumbai, get in touch!

Medical Confessions:

Do men or women make better patients?

Dr Everything Women argue but take advice; men accept advice but rarely follow it.

 

Forbes:

So what is Facebook's destiny?

Microsoft's investment in October 2007 was based on an estimated valuation of $15 billion. If we apply a 15X revenue multiple (higher than that of Google's 11), and let's assume for a moment due to its extraordinarily high monetizing potential (See: " Facebook's Monetization Strategy") to its estimated revenue of $350 million, its optimistic valuation turns out to be $5.25 billion. Based on that, we get an EBITDA multiple of 105, which is much higher than Google's 29. Moreover, we may see Facebook's valuation get a cold shower, given that even Google just missed its earnings because it is finding it difficult to monetize its social networking sites. Even News Corp.'s MySpace, which Google has pledged to support to the tune of $900 million over three years, is having trouble figuring out how to monetize its popularity.

No investment banker in his or her right mind would be willing to take Facebook public at a $15 billion valuation. Facebook could try the same kind of auction-based initial public offering that Google popularized. But investors have to be really stupid to pay this astronomical value for a company that is still in its adolescence with an unproven road map for sustainable revenue and profitability (at that scale).

Would anyone buy the company? Most certainly not at that valuation.

Looks to me like Facebook has been frozen--frozen by Microsoft's brilliant business acumen, and by Zuckerberg's adolescent ego.

...

Microsoft must have reasoned like this: "Google must not acquire Facebook. Neither should Yahoo!. Let's play to this kid's ego, and by sprinkling $250 million on the exercise, we can establish an artificially high valuation that would bring their options of exit down to zero."

On the receiving end, 23-year-old Mark Zuckerberg must have been thinking, "I must be a real stud. I've got Microsoft eating out of my hands!" If some adult at the investor table tried to mumble that this valuation may cause problems, he was appropriately silenced by the euphoria of the $15 billion.

Smart indeed.

There is a controversy in the air because of Wikipedia refusing to take down pictures of historical paintings, sensitive to Muslims. Which is understandable, given the ever so brittle muslim sensitivities, but I was quite surprised to read this on their online petitions:

In Islam picture of Prophet Muhammad (PBUH) and other Humans are not allowed.

Emphasis mine.This is just too much, I guess Flickr should expect a fatwa anytime now for showing pictures of millions of humans. Initially I thought it was some kind of error, may be by capitalizing the Human, they mean some special humans especially revered by them, not just ordinary human beings, but then came across this post by the person behind the petition:

The first question is. Is pictures or illustrations of humans are allowed in Islam?
And the answer is NOT. And this is exactly opposite to Paul M. Cobb. This Islamic Law is derived from Quran and authentic HADITH, and both Quran and Hadith belong from the life of Muhammad to its not a 20th century Law. I know before 20th century there was no Fatwa about this but there was a common understanding between Muslims on this issue. The art of pictures and illustration of Muhammad (PBUH) was only practiced in Iran or Shia Muslims. One thing is very important in this issue, not all Shia practice this. Even then painting of face was not allowed in Shia community. That is why you will find majority of illustrations with a white blank face or a face covered with Vail. But in 20th century some illustrations showing face were discovered and then Muslim scholars decided to put a Fatwa or Islamic Law in place to block this move.

I wonder how is Internet legal in Muslim countries! Or even news papers. Or movies or arts.

I can understand the out cry against cartoons or other pictures intended as mocking or insulting Islam, but these are historical pictures done by Muslim artists under Muslim kings.

This significance of this episode in my opinion is this: a well meaning, educated and moderate Muslim will hate this, and will want the photos to be taken down, where as a well meaning, educated and moderate westerner will want the photos to stay. Unlike the cartoons, Wikipedia is not going to go away and fade into history. This could be the first time the veil of "its only the extremists who hate each other" will be lifted.

Only time will tell. 

PS: On why the pictures should be removed.

Is boiling.

PS: I know frogs are more intelligent than people.

PPS: Counterpoint.

I usually do not believe in isms like liberalism or socialism or capitalism; or rather I should say I go by "makes-sense-ism".

Since after talking about suicide in my blog post the other day, I have come to change my opinion a little bit. The liberal stand on suicide seems to be "its my body, and I should be free to do anything with it, including ending it, as long as its not affecting others" or in other words "right to live implicitly means right to not live, like right to speech implies right to stay silent".

Lets see what makes-sense-ism say about this issue. First of all, its not suicide whose legality we are really talking about, its attempted suicide, so the liberal argument is kind of null and void. If someone is dead, it really doesn't matter if he committed a crime or not. Well not really, in old England for example, one used to lose his/her nobility if they committed suicide. Similarly they would not get normal funeral, the family may not get insurance benefits or other benefits from governments [though that would be punishing the wrong person]. But so is not the case in India, and few other countries countries with suicide laws, and suicide effectively can be considered beyond legal consequences.

Now lets consider "(failed) attempt to commit suicide", liberals and conservatives differ here. Liberals seems to imply that since nobody but the person who tried to commit suicide,  is getting hurt in the process, it should really not be a crime. Right to live argument can not be really invoked here, but victimless crime can be, sort of. Conservatives, where as, seems to imply that its societies roll to protect every life, even from the person themselves, and thus society should do everything in their capacity to deter them from hurting themselves.

Liberals are wrong. This is not a victimless crime. State resources are precious, emergency medical treatment, police investigation, that can be better utilized for someone really needy(who did not bring this to themselves) and there is kins' emotional distress, and possibly financial too. This line of reasoning takes us close to conservative point of view, strong penalty seems to be warranted to deter people from committing suicide (and failing). Following this reasoning a lot of countries adopted suicide laws with penalties for attempted suicide.

But conservatives are wrong too (but not for obvious reasons) (and a most of the countries did retract this law). The first argument that comes in mind after reading the above is: deterrence does not really work in this case, as you can not deter someone by scaring them about failure of what they are doing, as they are not aiming for failure anyways. You can not scare someone about going to some room, when they are not planning to go to that room in first place. Deterrence argument should be out of window. But not really, someone might say, this still is better than nothing, they will keep this in the back of their mind, and they would still consider the chance of failure and its consequences, and will be deterred a little bit.

How do we resolve this? Or is it the valid conclusion? In the spirit of "strong opinions, weakly held", my current opinion on this seems to be something like this: what really matters is if we consider the problem as a black box, without caring about what is right and wrong, and should be-s and should not not be-s, and focus on just rational conclusions and numbers to guide us. Let see what numbers would be affected, and which way we should try to move them. Sounds cold, but here is how the numbers play: since state has to provide medical treatment and police investigation anyways, penalty or no penalty is not making any difference in the amount of money spent by state. In fact jail costs, and so does judicial proceedings leading to it, so making it a crime is bad from economy point of view.

The other number, which is probably a little more significant is number of lives lost/gained. If 500 people are dying today per unit time, and a new bill is passed, and the ultimate consequence of it is 600 people dying per unit time, everything else remaining equal, the law is bad, and if only 400 dies, then its good, this much we can say without knowing what the law states. So how will number of deaths be effected by this law? Think from the point of view of the person who just tried to kill themselves but failed. They probably cut themselves, and after hours they realize they are not going to die, and its just too painful, or may be they popped some pills and all they got is nausea and uncontrolled vomiting. Lets consider the failed attempts where the victim/culprit is suffering and need help, and they are faced with the question of calling it quits (may be just for now) and requesting help. [I am claiming that in the other case; wherein either the person is not suffering from any pain, or is still determined to die and is not planning to quit despite the pain or they have passed out or in so much pain to not be able to think; the number of deaths will depend on factors other than this law, and thus can be ignored from this discussion]. Now the suffering fellow is thinking, if suicide is a crime, and if he calls medical attention, he/she will be reported and charged, and jailed ultimately, and this will just add up to the misery that forced them to commit suicide in the first place. I guess the essence of my argument is: this law will not deter them from trying to commit suicide, this will deter them from calling for help when they fail. They will try all possible avenues, self treatment, reaching out to friends who may not be qualified enough, or contacting "legally liberal with a fee" doctors, and calling regular emergency numbers would really be the last resort that the victim/culprit would be mulling over. If nothing else this will waste precious amount of time (they would be sitting thinking/hoping/telling themselves that if they just waited a little more, the pain will go down, or may be they will pass out) that might end up being too costly given the emergency nature of the situation. If there was no fear of prosecution, the victim/culprit would just call for help as soon as they realize its even a little bit more painful than they expected.

Recapping, suicide attempt laws increase the cost to state (judicial and correction facilities), and increase the number of deaths (due to improper or delayed medical attention), without reaping any benefits, and therefore does not make sense (to me at least, if you differ, speak up!), and therefore should be abolished from India, one of the few countries that still has such laws.

PS: What about planning to commit suicide, should it be legal? To me this is too much of a thought crime situation,  where would one draw the line, when someone gets a gun? or when they confess to a friend that they are having such feelings? Shrink is what they need, not courts. 

 

Start here.

An editorial about it in NYTimes. This is my problem with isms, they are good starting points, they are good guides, but the moment they start getting precedence over "this makes sense taking every thing known into account"-ism, they become part of the problem rather than the solution.

PS: Good thing NYTimes has dropped their paywall.  

Bigger is just something you have to live with in Java. Growth is a fact of life. Java is like a variant of the game of Tetris in which none of the pieces can fill gaps created by the other pieces, so all you can do is pile them up endlessly.

Interesting article on code size.

Came across "Are We Free To Be Foolish?" By Shruti Rajagopalan (Via Me). Read that first. 

While I am still have not thought and read enough on the issues of prostitution and drugs, I feel I can talk about why suicide, in my opinion, is punishable. First of all, suicide itself is not a crime(dead people don't get sued), its attempted suicide which is, and that should be punishable, because well, state is spending resource on you. Off hand, state has no way of finding out if the fellow suffocating to death was planning to kill himself or is a poor victim who needs protection, if they did, probably the right thing for state to do is to let them die, but state has to rush them to emergency rooms and provide treatment. It costs. Then state has to investigate if its really a suicide attempt or someone tried to kill him. It costs too. And this happens to not be a victim less crime, the family of the attempter are the victims (tho they might pretend to think otherwise due to the presence of an incredibly sensitive son of a b*tch, how might try to kill himself again). 

Probably the ideal punishment for this crime should be capital, why should state spend further by housing the person in a jail, when they themselves thing they are worthless, and wanted to die, after this is ideal win win situation. But out of its immense charitable nature, state decided not to kill, and let him live. State be praised.

Actually I just got a thought about prostitution, and I do not know of its morality, and frankly morality has very little to do with state actions, rightly so, state usually picks practicality and smartness consideration over moral ones when acting. In prostitution, there are various "acts", and they cost different amounts of money. If it were to be legal, in the heat of passion, some business disputes may arise, and feminist liberation army would be on the head of the state if state considered this as a merely business/civil dispute. The only system of prostitution that can be practically be legal is "fixed price, pre-approved and prepaid prostitution". Because this system allows for extreme brutalities(who is there to say where to draw the line?) I guess its okay for state to call it illegal and save itself from human right issues. Other option is to make rape legal too, but that too seems to have some tiny human right issues somewhere that I can't think of at the moment. :-)

In short, in my opinion, in the ideal world, prostitution and suicide should be illegal, thanks to the wisdom of our government for not listing to this whiny... people. And this has nothing to do with morality bullshit that Shruti is claiming. How about drugs? Not thought enough. 

Lets talk about the third set of laws, that she claims are made because state thinks the citizens are stupid. 

Helmet law: State has to bear the cost of treatment, traffic police, ambulance, emergency rooms, then all kinds of CAT scans are heavily subsidized at every level from government hospitals to exemption of service and sales tax on part to levies on import and so on. This and all kind of person safety laws should be removed the day it became okay for the government to let people die on streets. If you expect quick treatment, be prepared to wear the helmet. And don't tell me you can always pay for your treatment later on, as when you are fu*king lying in the pool of your blood, state has to decide to take you in or not, state has to take the risk of taking in even those who can not pay. They have to hedge the bets. It has to be either no one or everyone whom the state will have to invest in, and thus its logical that state demands everyone to wear the helmet. BTW if you are so proud of paying it up, and liberty, no one is asking you to wear the helmet, it just costs Rs 200/- for every ride you take without helmet. State will love you, trust me. 

Street food: State is subsidizing health care at every level, medicine, paying doctors, hospitals, tax exemptions etc. Anything that increase this cost, state has the right to make a law against. Sure the rich can pay for their health, but the only way state can make sure that only rich can shop on street food shops is by putting a constable on each of those shops kicking out poor bastards away. It would have been good to live in that "ideal" world, but we don't, and state is completely right in doing what they are doing here. 

Hand-pulled rickshaw: She claims the reason is dignity, but let me tell you a few facts about economics. Rich pay the taxes. They get to use roads more than the poor. Rickshaws are cheap. They take up space. They do not help the rich. They congest the roads. Throw them out. We did. This was definetely not a moral or paternal decision :-). 

Labor laws vs individual contracts: We have huge backlog of court cases in India. Contract is bullshit unless it is upheld and enforced by a court when in dispute. Labor laws reduce the number of cases, and forms a system in which the average case is kind of ok for the poors. Moral and Paternalistic? Please! Practical? May be.

Dance Bars: Desperate filthy people. Girls out of money, doing things to earn it. Alcohol. Late night. Ripe for prostitution? Hell yes. See, making prostitution illegal is bullshit unless state enforces it. State does not have resources to sit 2 constables in each such bar (even then who is there to watch that they would not get bribed) and make sure that prostitution is not happening. Its not even a question of dance bars, if for example there is a street where late in the night girls come and stand, and its known that few of them get taken home for a charge, its entirely practical thing for state to send police petrol to kick any woman standing on that road late in the night. It has nothing to do with dignity. State has finite resources. Terrorists are not sleeping. We can not observe every single interaction to decide if its prostitution going on or not. You just look for patterns, and remove them all together. Smart utilization of resources it is called. Politicians sell this in the name of "protecting the dignity" but only the naivest of us are supposed to buy such arguments.

Bhopal case:

The victims and citizens of Bhopal were not allowed to sue the company who took away the lives and health of their families and the prosperity of their city because the state felt that “ambulance chasers” would take away most of their compensation in legal fees.

Bullshit. For your kind information the case involved was in 100s of millions of dollars. UC India, if entirely liquidated, would not yield even 10 million dollars. Its pointless to sue them. You had to sue Uniion Carbide in US. And victims and citizens simply can not do that. Where is the question of allowing or not allowing anyone? State did not deny any right, victims could have, and did sue UC India. As part of settlement with Union Carbide (US), India waived all cases against UC-India, and this is obvious double jeopardy understanding (you don't sue twice for the same crime). Did India manage the best settlement? Probably no, probably yes, people like her (lawyers) are supposed to give their opinion about how much settlement would have been right, but the thing is, it was way beyond what the victims would have got on their own (by suing UC-India). State did a favor. Talk about thankless jobs!

In conclusion:

Do we have the right to take risks that only affect us? Do we have the freedom to live our lives as we choose after weighing the risks, even if we are being foolish according to the government? And if part of freedom is the freedom to be a fool, are we free?

We sure do. You can do many adventure sport. You can perform any risky medical procedure. But as long as you say "oh we will take risk as much as we want, but if something goes wrong, please come up and save us", as long as we put an obligation on the state to protect us from the consequences arising from those risks, the state has the right to demand some lack of foolishnes on your part.

Compensation?

More than 2,000 Indian farmers commit suicide every year because they can´t sustain their farms and pay their debts. Of course globalisation has been blamed for this, just like it´s been blamed for everything else going wrong in the world. But others have pointed out that the real villain is agricultural subsidies - US taxpayers are forced to pay for the dumping of cotton in India, which destroys their market. And without a sophisticated financial system or micro credits, the Indian farmers can´t deal with even a temporary loss of income. 

But I just talked to a person with some insights into Indian agriculture who mentioned another, terrifying reason. The Indian government pay Indian families who have lost their father after a suicide about $3,000. It´s a way of helping of course. And it´s a fortune. About ten times the annual wage. Unfortunately it´s also a powerful incentive for someone who can´t provide for his family.

Sad but plausible.  

Stop bending your left thumb in funny ways, after all its opposable thumbs that gives us all the superiority. Here is a reg file to do it on windows[remember to reboot after applying it], other platforms should not be that difficult.

And mix both hands in all the key combos, Right Alt with Tab on left, Right Ctrl with C to copy etc. 

Grok tutorial. 

In his futile attempt to fight terrorism, Mr Mukhi asks us a question:

“The question we need to ask ourselves is whether a breach of privacy is more important or the security of the nation. I do not think the above question needs an answer,” said Mukhi.

Not only Mr Mukhi is completely clueless about cyber security, he has no idea why the notion of privacy is so important. So what is wrong if our password are stored and is available to police. Why is someone potentially reading our mails such a big problem?

Privacy relates to access of private information about individuals. Human beings associate trust with this information. Imagine someone coming to you and accusing your wife of adultery, in one case he just proclaims, your wife sleeps with other people. This is meant as an insult and you will take it as such, and will just ignore it. But imagine if he has access to your wife's calendar, and says dude yesterday you thought your wife went to laundry in the evening, well she went some other place, and that movie thing she did with her friends last Friday, well, she dint go to the movie either :-), and few other such tidbits. Ignoring the allegation has become so much difficult now. Imagine if he has access to your wife's email account and told you that she still is in touch with her collage ex boyfriend, your wife will not be able to deny this, but she never saw him, and knew how you hated him. The marriage is in deep trouble don't you think? He might not approach you and might blackmail your wife and make some money out of it.

Everybody has stuff about them that if taken out of context can be a cause of great deal of embarrassment or in many cases much worse. Privacy is our weapon against people finding out things about us and misusing them.

Now imagine, 30-40 percent of Bombay accesses internet through cybercafes. If all passwords are being recorded, sure someday someone will discover where they are and steal them. May be the security would be tight, but may be not.

More about trust aspect of privacy. If I call a girl and ask her to come to some place, she will most likely not, but if I have access to her email password, I can find out about her trusted friends from it, and can pretend to be a friend of them calling her to tell her that the good friend of hers is in accident, and caller found her number from the cellphone in his pocket. The chances that the girl comes to the desired place become so high now, don't you think.

There was a case about a guy being lured to a place and kidnapped and I guess murdered using orkut. The guy made a mistake of trusting an unknown person, but imagine if passwords are stored for lackhs of people in some police computer and its gets stolen, how many potential blackmail and murder crimes might get facilitated.

The passwords would be stored in the cybercafe, one point of attack, anyone sitting on this computer can potentially get the passwords. Next passwords will be collected by cybercafe operator, he might steal them himself, or someone might steal them from him. The passwords would be stored in CDs and collected by someone, or electronically uploaded to some site. Sites get hacked all the time, millions of passwords will just give extra incentive to the hackers. Then there are numerous personnel involved in maintaining the remote database that stores all keypresses, any of them could make a copy for himself.

I know of kids of millionaires and billionaires on Orkut, and if I can kidnap them, I can demand hefty ransom. I might be willing to sell this idea to some underworld don to just kidnap kin of system administrators responsible for the database.

Do you really think Mr Mukhi that such risks are worth the near zero benefit that we are going to get out from the privacy invasive plan that you are rolling out? What have you done to protect such privacy invasion? And if you did do anything, you would be a misreable sob if you did not, then why did you decide to redicule privacy concern instead of convincing us that suitable measures are being taken to protect our privacy?

Any data that is collected can be retained and stolen. A lot of privacy information can be gleaned from those datum and trust system inherent with privacy can be exploited to harass people or engage in criminal activities against them. Privacy is thus important. Especially against such un-thought-out measures by government officials, who usually do it under the guise of fighting terrorism.

Vijay Mukhi, President of the Foundation for Information Security and Technology, is introducing a plan for Mumbai police to install a keylogger and screen grabber on all cybercafe machines in Mumbai. Why only cybercafes? Mr Mukhi explians:

"The terrorists know that if they use machines at home, they can be caught. Cybercafes therefore give them anonymity."

To me this is on the verge of bullshit. Has the president of foundation of information security and technology, heard of Tor?

Tor (The Onion Router) is a free software implementation of second-generation onion routing — a system enabling its users to communicate anonymously on the Internet.

It is a US Navy funded project, I guess Mr Mukhi knows something that US Navy and EFF security experts do not that gives him the confidence that anonymity offered by Tor is not enough!

Tor is just one example, there is SSH dynamic port forwarding that acts as a proxy, and if you have access to a server outside India, it provides complete privacy against Indian surveillance. Getting access to a server outside India costs as low as a dollar per month.

These two solutions give access to privacy that even a complete novice can use [once you realize you have something to hide from government, and have spent a few minutes on Google for basic instructions on how to set things up]. There are more advanced techniques, I can hide encrypted information in unrelated files, like images, upload it to flickr for instance, and my friends can access it, and government can not do anything about it, unless they are sitting right next to me while I am doing all that.

It is an impossibility to even conceive that such communications can be tapped, unless the sender has made some obvious mistakes. Terrorists aren't making many otherwise police must have stopped them in action!

Lets talk about keylogging and screen grabbing for a minute. What if someone is using codes to transmit messages? This is how the world war I and II were fought, encryption. The encrypted text could be written on a piece of paper, typed and Mumbai police will keep staring at the screen wondering what the hell to do with those garbage looking text?

Further, keyboard is just one of the input mechanisms available to enter some information on a computer. First thing that comes to mind if Keyboard is not safe is mouse. There are on screen keyboard that one can use. Screen grabber might help a little bit, if mouse movement is tracked, and screen shots are taken at enough frequency as to not miss any mouse clicks, it might be of some help. But only if no code has been employed. Then many cybercafe allow USB thumb drives, these may contain mails that I want to send my fellow terrorists, how would keylogging and screen grabbing help? Many offer microphones, I can imagine few offering bluetooth. Terrorists are smart, much smarter then the police at least, and they have proved it on numerous occasions, thinking otherwise would be foolish.

This entire exercise is futile against anyone with very basic knowledge about the subject.

Mr Mukhi asks an interesting question:

“The question we need to ask ourselves is whether a breach of privacy is more important or the security of the nation. I do not think the above question needs an answer,” said Mukhi.

Terrorists are using cybercafes for planning terrorism related activities. I would be really surprised if they are not using their home computers for doing the same. If my assertions are correct, and the measures taken by Indian police is completely futile in stopping any of them, the question is, did the police know how futile these are, or they are really ignorant enough that all this is coming as news to them? Is this move an honest attempt by police to stop terrorists, or an attempt to save their face for not doing anything. This is not just a casual question, if Mr Mukhi knows that these measures are futile, and yet pretends it will work, I will consider him a part of terror network, who is helping the terrorists.

The blood will be on the hands of Vijay Mukhi for either being actively part of terror network by misusing his position as president of foundation of information security to use inappropriate measures to stop terrorists, or for being an incompetent officer who does not know the basics of information security and yet is egoistical/selfish enough to continue to be as president, and not let other more competent people take over.

Here is what I would have done if I was the president. First of all, I would impress upon everybody that all such mass surveillance is a seductive but bad idea to capture determined individuals. They never work. What works against terrorist is the same that works against any crime and specially the ones involving international parties, and that is solid ground investigation. The old fashioned investigation based on clues obtained in questioning and crime scene, pursuing it with diligence, tracing all the leads, and so on. As a president I would build information infrastructure to help in such investigation, finger print database, car license information database, analysis of bank accounts. I would try to introduce the 100 year old information technology that is radio to more police officers. I would try to build systems in which various police forces in India can share investigation progress and findings. I will help build data-mining systems to mince all information conceivable from data collected all over the country by ground agents.

I would at least realize that my actions, as president of that institution, must be helping terrorists unless they are deterring them.

Indian police is helping terrorists by not getting rid of people like Mr Mukhi, who is either incompetent or terrorist's accomplice.

Am I overstating? Do you think president of such information technology security thing will know something about blogs? Could he have posted his plan on some place and invited discussion from security experts? Did he get his plan reviewed from anybody in any computer science professor specializing in Comptuer security? There are many in IIT Bombay. Or did he just say to himself: oh I am the president, whatever plan I come up with must be right, and other people would not know better, because it is my job to research validity of such plans ha ha ha. Terrorists are using internet to plan bombings, no doubt about it, did he really feel he has outsmarted all of them? This arrogance is costing us lives, and I do not feel right to mince words and call him anything less than a terrorist himself. They kill for religion and misplaced ideologies, he lets them kill for money, I guess he can be counted as worse than them.

Doctors get sued all over the place for malpractices. This is malpractice to me.

This is not just a minor mistake: there is a scarcity of police resources that we have for fighting against terrorists. Instead of trying to coordinate with ground investigators to narrow down to individuals that might give some real progress, this fellow is starting a program that will tie our scarce police resource to excessive cybercafe monitoring, and prosecuting, in the name of fighting terrorism, when its nearly theoretically impossible for the program to make smallest dent in the terrorists networks ability to utilize internet to plan next terror attacks.